[Samba] auth to two diff PDCs? (success, sort of)
Andrew Bartlett
abartlet at samba.org
Tue Oct 29 13:11:10 GMT 2002
Mike Brodbelt wrote:
>
> Collins, Kevin wrote:
> > Hi All:
> >
> > Excuse me for butting in here, but I'm planning a migration from WinNT 4
> > to Samba in the near future and this thread has caused me to worry a
> > little.
> >
> > Take the case that I'm planning: 3 Domains each to its own LAN
> > (connected via 128k Frame Relay lines to form a WAN) Each domain
> > currently has a NT 4 PDC and each domain "trusts" each other. How do I
> > accomplish these "trusts" only using Samba PDCs?
>
> With difficulty. There are a number of ways to hack round the problem
> which you'll find if you search, but it's not supported functionality ATM.
>
> > Meaning: If I rip out the NT Domains, replace the PDCs with Samba PDCs
> > and rebuild new domains (new Domain Names, new NetBIOS names for the
> > PDCs, etc.) How do I get the three domains to once again trust each
> > other? Is there a Samba command to do this?
>
> Not at present. The current release branch of Samba (2.2.x) does not
> support trust relationships between domains. Samba 3.x will support this
> functionality, and I believe the code is already in CVS to do it.
>
> You could get an alpha of Samba 3.x, or a CVS checkout, and try to make
> it work with that. If I were you, I think I'd try this, but run 2 copies
> of Samba on each server, 3.x alpha for the PDC aspect, and 2.2.x for the
> actual file/print serving. You can bind two IP's to the NIC in your
> machines, and run 3.x on one IP, and 2.2 on the other.
The file & print part of Samba 3.0 is it's most stable part, so you
don't gain much by this. However, the domain trusts stuff basicly
doesn't yet function - we still need to work on some details. Now if
you want to help us with that... :-)
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
More information about the samba
mailing list